What method of computer forensics will allow you to trace all ever-established user accounts on a Windows 2000 sever the course of its lifetime?
Answer : C
Which response organization tracks hoaxes as well as viruses?
Answer : D
Which federal computer crime law specifically refers to fraud and related activity in connection with access devices like routers?
Answer : A
Office documents (Word, Excel, PowerPoint) contain a code that allows tracking the MAC, or unique identifier, of the machine that created the document. What is that code called?
Answer : C
What TCP/UDP port does the toolkit program netstat use?
Answer : B
Under which Federal Statutes does FBI investigate for computer crimes involving e-mail scams and mail fraud?
Answer : B
In a FAT32 system, a 123 KB file will use how many sectors?
Answer : B
You have been asked to investigate the possibility of computer fraud in the finance department of a company. It is suspected that a staff member has been committing finance fraud by printing cheques that have not been authorized. You have exhaustively searched all data files on a bitmap image of the target computer, but have found no evidence. You suspect the files may not have been saved. What should you examine next in this case?
Answer : B
When performing a forensics analysis, what device is used to prevent the system from recording data on an evidence disk?
Answer : A
How many sectors will a 125 KB file use in a FAT32 file system?
Answer : C
You are called by an author who is writing a book and he wants to know how long the copyright for his book will last after he has the book published?
Answer : C
When investigating a network that uses DHCP to assign IP addresses, where would you look to determine which system (MAC address) had a specific IP address at a specific time?
Answer : C
Bob has been trying to penetrate a remote production system for the past two weeks. This time however, he is able to get into the system. He was able to use the
System for a period of three weeks. However, law enforcement agencies were recoding his every activity and this was later presented as evidence.
The organization had used a Virtual Environment to trap Bob. What is a Virtual Environment?
Answer : A
To make sure the evidence you recover and analyze with computer forensics software can be admitted in court, you must test and validate the software. What group is actively providing tools and creating procedures for testing and validating computer forensics software?
Answer : C
With Regard to using an Antivirus scanner during a computer forensics investigation, You should:
Answer : D